WO2012003050A1 - Systems and methods for creating customized confidence bands for use in malware detection - Google Patents
Systems and methods for creating customized confidence bands for use in malware detection
- Publication number
- WO2012003050A1 (PCT/US2011/036562)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- portal
- executable
- computer
- executable object
- disposition
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Abstract
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP11722671.2A EP2588984A1 (fr) | 2010-07-02 | 2011-05-14 | Systems and methods for creating customized confidence bands for use in malware detection |
CN201180028892.0A CN103109295B (zh) | 2010-07-02 | 2011-05-14 | Systems and methods for creating customized confidence bands for use in malware detection |
JP2013518400A JP5715693B2 (ja) | 2010-07-02 | 2011-05-14 | System and method for creating customized confidence bands for use in malware detection |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/830,286 | 2010-07-02 | ||
US12/830,286 US8528090B2 (en) | 2010-07-02 | 2010-07-02 | Systems and methods for creating customized confidence bands for use in malware detection |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012003050A1 (fr) | 2012-01-05 |
Family
ID=44121261
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2011/036562 WO2012003050A1 (fr) | 2010-07-02 | 2011-05-14 | Systems and methods for creating customized confidence bands for use in malware detection |
Country Status (5)
Country | Link |
---|---|
US (1) | US8528090B2 (fr) |
EP (1) | EP2588984A1 (fr) |
JP (1) | JP5715693B2 (fr) |
CN (1) | CN103109295B (fr) |
WO (1) | WO2012003050A1 (fr) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013143132A (ja) * | 2012-01-10 | 2013-07-22 | Xecure Lab Co Ltd | Method for obtaining digital fingerprints of malicious document files |
US8528090B2 (en) | 2010-07-02 | 2013-09-03 | Symantec Corporation | Systems and methods for creating customized confidence bands for use in malware detection |
JP2015530678A (ja) * | 2012-10-29 | 2015-10-15 | マカフィー, インコーポレイテッド | Dynamic quarantining for malware detection |
WO2017027103A1 (fr) * | 2015-08-11 | 2017-02-16 | Symantec Corporation | Systems and methods for detecting unknown vulnerabilities in computing processes |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8832835B1 (en) * | 2010-10-28 | 2014-09-09 | Symantec Corporation | Detecting and remediating malware dropped by files |
WO2013170064A2 (fr) | 2012-05-09 | 2013-11-14 | SunStone Information Defense Inc. | Methods and apparatus for identifying and removing malicious applications |
US9009615B2 (en) | 2012-10-17 | 2015-04-14 | Microsoft Technology Licensing, Llc | Portal for submitting business metadata for services |
CN106295333B (zh) * | 2015-05-27 | 2018-08-17 | 安一恒通(北京)科技有限公司 | Method and system for detecting malicious code |
US11941121B2 (en) * | 2021-12-28 | 2024-03-26 | Uab 360 It | Systems and methods for detecting malware using static and dynamic malware models |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006094228A2 (fr) * | 2005-03-02 | 2006-09-08 | Markmonitor, Inc. | Implementing trust policies |
US20060253581A1 (en) * | 2005-05-03 | 2006-11-09 | Dixon Christopher J | Indicating website reputations during website manipulation of user information |
WO2010002638A2 (fr) * | 2008-06-30 | 2010-01-07 | Symantec Corporation | Simplified communication of a reputation score for an entity |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4516331B2 (ja) * | 2004-03-03 | 2010-08-04 | 東芝Itサービス株式会社 | Business support device and business support program |
US8190540B2 (en) * | 2005-01-14 | 2012-05-29 | Ultra-Scan Corporation | Multimodal fusion decision logic system for determining whether to accept a specimen |
US20070100643A1 (en) * | 2005-10-07 | 2007-05-03 | Sap Ag | Enterprise integrity modeling |
US7845013B2 (en) * | 2006-05-30 | 2010-11-30 | International Business Machines Corporation | Method and system for protecting the security of an open file in a computing environment |
US8424061B2 (en) * | 2006-09-12 | 2013-04-16 | International Business Machines Corporation | Method, system and program product for authenticating a user seeking to perform an electronic service request |
JP2009059160A (ja) * | 2007-08-31 | 2009-03-19 | Sony Corp | Server device, network system, content discovery notification method, and computer program |
US7472420B1 (en) * | 2008-04-23 | 2008-12-30 | Kaspersky Lab, Zao | Method and system for detection of previously unknown malware components |
US8418237B2 (en) * | 2009-10-20 | 2013-04-09 | Microsoft Corporation | Resource access based on multiple credentials |
US8528090B2 (en) | 2010-07-02 | 2013-09-03 | Symantec Corporation | Systems and methods for creating customized confidence bands for use in malware detection |
-
2010
- 2010-07-02 US US12/830,286 patent/US8528090B2/en active Active
-
2011
- 2011-05-14 CN CN201180028892.0A patent/CN103109295B/zh active Active
- 2011-05-14 JP JP2013518400A patent/JP5715693B2/ja active Active
- 2011-05-14 WO PCT/US2011/036562 patent/WO2012003050A1/fr active Application Filing
- 2011-05-14 EP EP11722671.2A patent/EP2588984A1/fr not_active Withdrawn
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006094228A2 (fr) * | 2005-03-02 | 2006-09-08 | Markmonitor, Inc. | Implementing trust policies |
US20060212930A1 (en) * | 2005-03-02 | 2006-09-21 | Markmonitor, Inc. | Distribution of trust data |
US20060253581A1 (en) * | 2005-05-03 | 2006-11-09 | Dixon Christopher J | Indicating website reputations during website manipulation of user information |
WO2010002638A2 (fr) * | 2008-06-30 | 2010-01-07 | Symantec Corporation | Simplified communication of a reputation score for an entity |
Also Published As
Publication number | Publication date |
---|---|
JP2013533554A (ja) | 2013-08-22 |
CN103109295B (zh) | 2015-09-09 |
US8528090B2 (en) | 2013-09-03 |
US20120005751A1 (en) | 2012-01-05 |
JP5715693B2 (ja) | 2015-05-13 |
EP2588984A1 (fr) | 2013-05-08 |
CN103109295A (zh) | 2013-05-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10320818B2 (en) | Systems and methods for detecting malicious computing events | |
US9166997B1 (en) | Systems and methods for reducing false positives when using event-correlation graphs to detect attacks on computing systems | |
US8528090B2 (en) | Systems and methods for creating customized confidence bands for use in malware detection | |
US8739284B1 (en) | Systems and methods for blocking and removing internet-traversing malware | |
US9330258B1 (en) | Systems and methods for identifying uniform resource locators that link to potentially malicious resources | |
US9141790B2 (en) | Systems and methods for using event-correlation graphs to detect attacks on computing systems | |
US9148441B1 (en) | Systems and methods for adjusting suspiciousness scores in event-correlation graphs | |
US9838405B1 (en) | Systems and methods for determining types of malware infections on computing devices | |
US8806641B1 (en) | Systems and methods for detecting malware variants | |
US8769685B1 (en) | Systems and methods for using file paths to identify potentially malicious computer files | |
US9043922B1 (en) | Systems and methods for determining malicious-attack exposure levels based on field-data analysis | |
US9171156B1 (en) | Systems and methods for managing malware signatures | |
US10735468B1 (en) | Systems and methods for evaluating security services | |
US9202050B1 (en) | Systems and methods for detecting malicious files | |
US10366233B1 (en) | Systems and methods for trichotomous malware classification | |
CA2915068C (fr) | Systems and methods for controlling application updates | |
US9104873B1 (en) | Systems and methods for determining whether graphics processing units are executing potentially malicious processes | |
US9385869B1 (en) | Systems and methods for trusting digitally signed files in the absence of verifiable signature conditions | |
US8321940B1 (en) | Systems and methods for detecting data-stealing malware | |
US9332025B1 (en) | Systems and methods for detecting suspicious files | |
US10489587B1 (en) | Systems and methods for classifying files as specific types of malware | |
US9489513B1 (en) | Systems and methods for securing computing devices against imposter processes | |
US9646158B1 (en) | Systems and methods for detecting malicious files | |
US9483643B1 (en) | Systems and methods for creating behavioral signatures used to detect malware | |
US9323924B1 (en) | Systems and methods for establishing reputations of files |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| WWE | Wipo information: entry into national phase | Ref document number: 201180028892.0; Country of ref document: CN |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 11722671; Country of ref document: EP; Kind code of ref document: A1 |
| ENP | Entry into the national phase | Ref document number: 2013518400; Country of ref document: JP; Kind code of ref document: A |
| NENP | Non-entry into the national phase | Ref country code: DE |
| WWE | Wipo information: entry into national phase | Ref document number: 2011722671; Country of ref document: EP |